Hacker puts up for sale third round of hacked databases on the Dark Web
A hacker going by the name of Gnosticplayers has put up for sale another set of hacked databases on a Dark Web marketplace.
This is the third round of hacked databases the hacker has published on the Dark Web marketplace known as Dream Market. He previously posted a batch of 16 databases containing the data of 620 million users and a second batch of eight databases with the data of 127 million users.
Today, the hacker published eight more hacked DBs containing data for 92.76 million users. The biggest name in today's batch is GfyCat, the famous GIF hosting and sharing platform. The hacker is selling each database individually on Dream Market. Together, all eight are worth 2.6249 bitcoin, which amounts to roughly $9,400.
In an interview with ZDNet on Friday, Gnosticplayers took credit for the hacks and denied being just an intermediary.
The hacker says he intends to sell over one billion user records and then disappear with the money. His current total stands at roughly 840 million records.
"My two main goals are: -money -downfall of American pigs," he told us.
New leaks are coming, including one from a cryptocurrency exchange, the hacker told ZDNet.
The eight companies whose data Gnosticplayers put up for sale today are listed below:
| Company | DB size | Breach date | Price | Content |
|---|---|---|---|---|
| Legendas.tv (movie sharing service) | 3.86 Mil | 2017/10 | ฿0.35 | username, password (cleartext), email, IP address |
| Jobandtalent (job portal) | 11 Mil | 2018/02 | ฿0.4669 | id, email, SHA1 encrypted password, password salt, first name, surname, current IP address |
| Onebip (mobile payment platform) | 2.6 Mil | 2017/10 | ฿0.2626 | user ID, name, email, password (cleartext), address, company info, phone number, PayPal info, banking info, login logs, API key, and other |
| StoryBird (storytelling service) | 4 Mil | 2015 | ฿0.2334 | email, password (SHA256), username, other |
| StreetEasy (real estate) | 1 Mil | 2018/05 | ฿0.175 | username, email, password hash (SHA1) and salt, other |
| GfyCat (GIF image hosting) | 8 Mil | 2018 | ฿0.35 | username, password hash (SHA512), email, other |
| ClassPass (fitness service) | 1.5 Mil | 2018 | ฿0.204 | email, password hash (SHA1), username, country, sex, full name |
| Pizap (online photo editor) | 60.8 Mil | 2018 | ฿0.583 | Facebook user ID, password hash (SHA1 / not for all), email address, other |
None of the eight companies listed in Gnosticplayers' ad had previously disclosed a data breach. ZDNet has sent requests for comment to the eight companies. We will update the article with any information we get back. However, many of the companies whose data the hacker has put up for sale in the past week have already admitted to suffering security breaches, making very likely that the data he's selling today is also legitimate.
In addition, each listing was also accompanied with the following message:
George Duke-Cohan is a young and talented boy, instead of giving him a chance, the UK govt sends him to prison for three years.
Now, he's been told by the American government, that he faces 65 years for the offense he was already sentenced to three years in the UK. It means he will be judged twice ??
May this upcoming release of dumps serve as a reminder:
When countries claim to respect their citizens, they have duty protect them. I wouldn't be surprised whether George Duke-Cohan ends his life, the UK gov already destroyed him and doing this is like sentencing him to death.
If he is not given a fair justice during the upcoming days, weeks, years, more data will be released....
George Duke-Cohan is a UK national who is part og the Apophis Squad hacking crew. He was arrested last summer and sentenced to three years in prison last December.
UPDATE: GfyCat told ZDNet that they have started an investigation into the hacker's claims.
"We can also confirm that any account databases are strongly encrypted and salted, so no plain text passwords would be in any compromised data," a spokesperson told us via email today.
A ClassPass spokesperson also told us they've launched an investigation. OneBip also started an investigation, and provided the following statement.
"Please rest assured that between 10/2017 and today there have been several improvements made on the security side independently from this claimed data breach. We have already informed our customers about this, and precautionary measures have already been initiated," OneBip said.
Data leaks: The most common sources
More data breach coverage:
- Chinese company leaves Muslim-tracking facial recognition database exposed online
- Hackers wipe US servers of email provider VFEmail
- Dunkin' Donuts accounts compromised in 2nd credential stuffing attack in 3 months
- Hackers tried to steal €13 million from Malta's Bank of Valletta
- Online casino group leaks information on 108 million bets, including user details
- 127 million user records from 8 companies put up for sale on the dark web
- Massive breach leaks 773 million email addresses, 21 million passwords CNET
- Hackers turn to data theft and resale on the Dark Web for higher payouts TechRepublic